aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Fuchs <mfuchs@pfsense.org>2007-10-29 13:51:48 +0000
committerMartin Fuchs <mfuchs@pfsense.org>2007-10-29 13:51:48 +0000
commit396c72a9a8d78301e34503f4a28e027e06045469 (patch)
tree4bb4ca051a8091b5e31e2dfafd8b0fe358476407
parent8d0e5329e1f603a616f709d568b18cdafb0b16b2 (diff)
downloadpfsense-packages-396c72a9a8d78301e34503f4a28e027e06045469.tar.gz
pfsense-packages-396c72a9a8d78301e34503f4a28e027e06045469.tar.bz2
pfsense-packages-396c72a9a8d78301e34503f4a28e027e06045469.zip
squid: use ip-group for RFC1918
-rw-r--r--packages/squid/squid.inc4
1 files changed, 1 insertions, 3 deletions
diff --git a/packages/squid/squid.inc b/packages/squid/squid.inc
index 6835be33..22af123b 100644
--- a/packages/squid/squid.inc
+++ b/packages/squid/squid.inc
@@ -1046,9 +1046,7 @@ function squid_generate_rules($type) {
$rules .= "\n# Setup Squid proxy redirect\n";
if ($squid_conf['private_subnet_proxy'] == 'on') {
foreach ($ifaces as $iface){
- $rules .= "no rdr on $iface proto tcp from any to 10.0.0.0/8 port 80\n";
- $rules .= "no rdr on $iface proto tcp from any to 172.16.0.0/12 port 80\n";
- $rules .= "no rdr on $iface proto tcp from any to 192.168.0.0/16 port 80\n";
+ $rules .= "no rdr on $iface proto tcp from any to { 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 } port 80\n";
}
}
foreach ($ifaces as $iface){